Help
RSS
API
Feed
Maltego
Contact
Domain > mx542.com
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2025-09-26
35.220.245.6
(
ClassC
)
2026-02-12
20.205.42.30
(
ClassC
)
Port 80
HTTP/1.1 301 Moved PermanentlyServer: nginx Date: Thu, 12 Feb 2026 05:16:39 GMTContent-Type: text/htmlContent-Length: 163Connection: keep-aliveLocation: https://mx542.com:51001/Strict-Transport-Security: max-age31536000; includeSubDomains; preload html>head>title>301 Moved Permanently/title>/head>body>center>h1>301 Moved Permanently/h1>/center>hr>center>nginx /center>/body>/html>
Port 443
HTTP/1.1 200 OKServer: nginx Date: Thu, 12 Feb 2026 05:16:40 GMTContent-Type: text/html; charsetutf-8Content-Length: 7183Connection: keep-aliveVary: Accept-EncodingX-Powered-By: ExpressAccess-Control-Allow-Origin: *Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, AcceptCache-Control: public, max-age0Last-Modified: Mon, 17 Nov 2025 07:26:46 GMTETag: W/1c0f-19a90b582f0Strict-Transport-Security: max-age31536000; includeSubDomains; preloadAccept-Ranges: bytes !DOCTYPE html>html langen>head> meta charsetUTF-8> title>/title> style> body { width: 100%; height: 100%; } #loading { width: 30px; height: 30px; border: 2px solid #000; border-radius: 30px; border-top-color: transparent; animation: cricle infinite 0.75s linear; position: absolute; left: 50%; top: 50%; } #refresh { width: 250px; height: 60px; border-radius: 10px; line-height: 60px; background-color: aliceblue; font-size: 20px; text-align: center; position: absolute; left: 50%; top: 50%; display: none; cursor: pointer; transform: translateX(-50%) translateY(-50%); } @keyframes cricle { 0% { transform: rotate(0deg); } 100% { transform: rotate(360deg); } } /style>/head>body> div idloading>/div> div idrefresh>刷新一下/div>/body>script> const TEST https://api.xgdaoyke.com // 测试环境 const PROD https://api.nxgibghl.com:2053 // 正式环境 const reporturl PROD + /api/v1/monitor/report let is_h5 false let failUrl let successUrl let jumpurl let ip let shortHost const reportFail () > { fetch(reporturl, { method: POST, headers: { Content-Type: application/json }, body: JSON.stringify({ ip, request_url: shortHost, fail_url: failUrl.join(,), success_url: successUrl.join(,), jump_url: jumpurl, source_type: 1, device_type: is_h5 ? H5 : PC }) }) } const testSpeed (domain, url) > { return new Promise((resole, reject) > { const start performance.now() try { const img document.createElement(img) let imgurl if (url.indexOf(/home) > -1) { imgurl domain + /verify/faviconweb.png } else { imgurl domain + /favicon.ico } img.src imgurl img.style.opacity 0 document.body.appendChild(img) let timer 5 const titmers setInterval(() > { timer-- if (timer 0) { clearInterval(titmers) //reportFail(domain) failUrl.push(domain) resole({ url, domain, speed: 100000 }) } }, 1000) img.onload () > { console.log(获取到了 + domain + 的图片) const end performance.now() clearInterval(titmers) successUrl.push(domain) resole({ url, domain, speed: end - start }) } img.onerror () > { clearInterval(titmers) console.log(没有找到 + url + 的图片) document.body.removeChild(img) //reportFail(domain) failUrl.push(domain) resole({ url, speed: 100000 }) } } catch (error) { failUrl.push(domain) resole({ url, domain, speed: 100000 }) } }) } const findfastestUrl async(urlList) > { const rowdata urlList const result await Promise.all( rowdata.map(data > { if (data.indexOf(/home) > -1) { const url data.split(/home)0 return testSpeed(url, data) } else if (data.indexOf(/app) > -1) { const url data.split(/app)0 return testSpeed(url, data) } else if (data.indexOf(/register) > -1) { const url data.split(/register)0 return testSpeed(url, data) } }) ) result.sort((a, b) > a.speed - b.speed) if (result.every(t > t.speed 100000)) { const refresh document.querySelector(#refresh) const loading document.querySelector(#loading) loading.style.display none refresh.style.display block refresh.onclick function() { window.location.reload() } reportFail() return } else { jumpurl result0.url reportFail() return result0.url } } const getJumpUrl async() > { checkoutH5() const res await fetch(/api/domains, { headers: { is_h5: is_h5 ? 1 : 0 } }) if (res.ok) { const data await res.json() //console.log(data) if (res && data.targetDomains && data.targetDomains.length) { ip data.ip shortHost data.host const fastestUrl await findfastestUrl(data.targetDomains) if (!fastestUrl) { return } if (data.code) { window.location.href fastestUrl + data.code + &proxy + data.host } else if (fastestUrl && fastestUrl.indexOf(/app) > -1) { window.location.href fastestUrl.split(/app)0 + ?proxy + data.host } else if (fastestUrl && fastestUrl.indexOf(/home) > -1) { window.location.href fastestUrl.split(/home)0 + ?proxy + data.host } else if (fastestUrl && fastestUrl.indexOf(/register) > -1) { window.location.href fastestUrl.split(/register)0 + ?proxy + data.host } else { window.location.href fastestUrl + &proxy + data.host } } } else { console.log(获取域名失败) } } const checkoutH5 () > { const ua navigator.userAgent if (ua.includes(Mobile)) { is_h5 true } else { is_h5 false } } getJumpUrl()/script>/html>
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]